The ProgramBinary::linkAttributes function in libGLES in ANGLE, as used in Mozilla Firefox prior to 41.0 and Firefox ESR 38.x prior to 38.3 on Windows, mishandles shader access, which allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted (1) OpenGL or (2) WebGL content.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox_esr 38.0.1 |
||
mozilla firefox_esr 38.0 |
||
mozilla firefox_esr 38.2.0 |
||
mozilla firefox_esr 38.1.1 |
||
mozilla firefox_esr 38.1.0 |
||
mozilla firefox_esr 38.0.5 |
||
mozilla firefox_esr 38.2.1 |
||
mozilla firefox |